Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [Full-disclosure] Re: [EEYEB-20050523] Windows Kernel APC Data-FreeLocal Privilege Escalation Vulnerability
From: Tom Ferris (tommysecurity-protocols.com)
Date: Tue Dec 13 2005 - 15:22:38 CST
Retina can do remote registry, and file version checks with the proper
credentials. So more than likely, its doing a registry check for the
Key fingerprint = 0DFA 6275 BA05 0380 DD91 34AD C909 A338 D1AF 5D78
On Tue, 13 Dec 2005, Dave Korn wrote:
> Joshua Russel wrote in
>> It is a local vulnerability, then how does Retina claims to scan it
> Well, at a guess....
>> On 12/13/05, Advisories <Advisorieseeye.com> wrote:
>>> Systems Affected:
>>> Windows NT 4.0
>>> Windows 2000
>>> Beginning with Windows XP, KeFlushQueueApc contains a code fix that
>>> resolves this vulnerability.
> ... it just looks to see if the O/S is XP/2K3 or NT/2K.
> Can't think of a witty .sigline today....
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/